From 084d9077a1f2b76b01f3d3d67ee5bba8a9b93dd5 Mon Sep 17 00:00:00 2001 From: jaina heartles Date: Tue, 30 Apr 2024 12:43:13 -0700 Subject: [PATCH 1/7] postfix --- configuration.nix | 1 + postfix.nix | 12 ++++++++++++ 2 files changed, 13 insertions(+) create mode 100644 postfix.nix diff --git a/configuration.nix b/configuration.nix index 3f8f29a..721d4f5 100644 --- a/configuration.nix +++ b/configuration.nix @@ -4,6 +4,7 @@ ./misskey-service.nix ./heartles-xyz-proxy.nix ./ogdo.nix + ./postfix.nix ]; nix.settings = { diff --git a/postfix.nix b/postfix.nix new file mode 100644 index 0000000..1818103 --- /dev/null +++ b/postfix.nix @@ -0,0 +1,12 @@ +{ pkgs, ... }: + +{ + services.postfix = { + enable = true; + enableSubmission = true; + + extraConfig = '' + inet_interfaces = 127.0.0.1 + ''; + }; +} From 28a9074fa5e095a88577156cf8597cc5b3f32a50 Mon Sep 17 00:00:00 2001 From: jaina heartles Date: Wed, 10 Jul 2024 15:00:03 -0700 Subject: [PATCH 2/7] add opendkim --- postfix.nix | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/postfix.nix b/postfix.nix index 1818103..5a887f9 100644 --- a/postfix.nix +++ b/postfix.nix @@ -4,9 +4,13 @@ services.postfix = { enable = true; enableSubmission = true; + domain = "egirls.gay"; - extraConfig = '' - inet_interfaces = 127.0.0.1 - ''; + config = { inet_interfaces = "loopback-only"; }; + }; + + services.opendkim = { + enable = true; + selector = "default"; }; } From ff70e44994f201ff3bbd192210116a8fcf5ddff1 Mon Sep 17 00:00:00 2001 From: jaina heartles Date: Wed, 10 Jul 2024 15:14:45 -0700 Subject: [PATCH 3/7] connect postfix and opendkim --- postfix.nix | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/postfix.nix b/postfix.nix index 5a887f9..568b81a 100644 --- a/postfix.nix +++ b/postfix.nix @@ -1,16 +1,22 @@ -{ pkgs, ... }: +{ pkgs, config, ... }: { services.postfix = { enable = true; enableSubmission = true; - domain = "egirls.gay"; + domain = config.networking.fqdn; - config = { inet_interfaces = "loopback-only"; }; + config = { + inet_interfaces = "loopback-only"; + smtpd_milters = config.services.opendkim.socket; + non_smtpd_milters = "$smtpd_milters"; + milter_default_action = "accept"; + }; }; services.opendkim = { enable = true; selector = "default"; + domains = "csl:${config.networking.fqdn}"; }; } From 0db0cf490b2ec54c57da7a9a151648a90dc729d0 Mon Sep 17 00:00:00 2001 From: jaina heartles Date: Wed, 10 Jul 2024 15:20:55 -0700 Subject: [PATCH 4/7] fix permissions --- postfix.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/postfix.nix b/postfix.nix index 568b81a..f09773a 100644 --- a/postfix.nix +++ b/postfix.nix @@ -1,6 +1,8 @@ { pkgs, config, ... }: { + users.users."${config.services.postfix.user}".extraGroups = + [ "${config.services.opendkim.group}" ]; services.postfix = { enable = true; enableSubmission = true; From 9dced36892d60b9f72d605decc1eb96ad143e7bd Mon Sep 17 00:00:00 2001 From: jaina heartles Date: Wed, 10 Jul 2024 15:24:58 -0700 Subject: [PATCH 5/7] use inet connection instead --- postfix.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/postfix.nix b/postfix.nix index f09773a..600a5d3 100644 --- a/postfix.nix +++ b/postfix.nix @@ -1,8 +1,6 @@ { pkgs, config, ... }: { - users.users."${config.services.postfix.user}".extraGroups = - [ "${config.services.opendkim.group}" ]; services.postfix = { enable = true; enableSubmission = true; @@ -10,7 +8,7 @@ config = { inet_interfaces = "loopback-only"; - smtpd_milters = config.services.opendkim.socket; + smtpd_milters = "inet:127.0.0.1:8891"; non_smtpd_milters = "$smtpd_milters"; milter_default_action = "accept"; }; @@ -19,6 +17,7 @@ services.opendkim = { enable = true; selector = "default"; + socket = "inet:8891@127.0.0.1"; domains = "csl:${config.networking.fqdn}"; }; } From 316bd3e9a20743f2574210be818a5b1b5e2825cd Mon Sep 17 00:00:00 2001 From: jaina heartles Date: Tue, 30 Jul 2024 20:49:46 -0700 Subject: [PATCH 6/7] flake update --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 2f18b39..895f734 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "nixpkgs": { "locked": { - "lastModified": 1719838683, - "narHash": "sha256-Zw9rQjHz1ilNIimEXFeVa1ERNRBF8DoXDhLAZq5B4pE=", + "lastModified": 1722221733, + "narHash": "sha256-sga9SrrPb+pQJxG1ttJfMPheZvDOxApFfwXCFO0H9xw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d032c1a6dfad4eedec7e35e91986becc699d7d69", + "rev": "12bf09802d77264e441f48e25459c10c93eada2e", "type": "github" }, "original": { @@ -24,11 +24,11 @@ }, "unstable": { "locked": { - "lastModified": 1719848872, - "narHash": "sha256-H3+EC5cYuq+gQW8y0lSrrDZfH71LB4DAf+TDFyvwCNA=", + "lastModified": 1722185531, + "narHash": "sha256-veKR07psFoJjINLC8RK4DiLniGGMgF3QMlS4tb74S6k=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "00d80d13810dbfea8ab4ed1009b09100cca86ba8", + "rev": "52ec9ac3b12395ad677e8b62106f0b98c1f8569d", "type": "github" }, "original": { From 1100ac1cae8d05a59e45c680d54ee55a77ca92cf Mon Sep 17 00:00:00 2001 From: jaina heartles Date: Tue, 30 Jul 2024 20:58:14 -0700 Subject: [PATCH 7/7] serve local files --- misskey-service.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/misskey-service.nix b/misskey-service.nix index 465f8e9..98c2396 100644 --- a/misskey-service.nix +++ b/misskey-service.nix @@ -142,6 +142,11 @@ in { rewrite .* $path_full break; proxy_pass https://s3.us-west-1.wasabisys.com; ''; + + locations."/localfiles/" = { + root = "/srv/www/localfiles"; + tryFiles = "$uri =404"; + }; }; virtualHosts."egirls.gay" = {